The HHS Office of Inspector General (OIG) has finalized penalties for information blocking under the 21st Century Cures Act. Individuals or entities found guilty of information blocking may face penalties of up to $1 million per violation. The OIG emphasized the threat to patient safety and the hindrance of healthcare efficiency caused by information blocking. The final rule incorporates existing regulations and will become official upon publication. The OIG will prioritize investigations based on factors such as patient harm, impact on care delivery, duration, financial losses, and knowledge of information-blocking practices.
The HHS Office of Inspector General (OIG) has issued a final rule outlining the penalties associated with information blocking as mandated by the 21st Century Cures Act. If the OIG determines that an individual or organization has engaged in information blocking, they may face penalties of up to $1 million.
It is important to note that this final rule does not introduce new information-blocking provisions. Instead, the OIG has adopted the regulations previously published by the Office of the National Coordinator for Health Information Technology (ONC) as the basis for enforcing penalties related to information blocking.
In cases where information blocking is identified by the OIG, the responsible individual or entity may be subject to a penalty of up to $1 million per violation.
The OIG emphasized in the final rule that information blocking poses a significant threat to patient safety and undermines the efforts of healthcare providers, payers, and other stakeholders to improve the efficiency and effectiveness of the healthcare system. They stated that information blocking could also be considered as part of fraudulent activities, such as ordering unnecessary tests or making information exchange contingent on referrals.
The final rule is currently awaiting publication in the Federal Register, after which most of its provisions will take effect within 30 days.
This rule specifically addresses civil monetary penalties for practices that are likely to impede, prevent, or significantly discourage the access, exchange, or utilization of electronic health information (EHI) if conducted by entities including certified health information technology (IT) developers, providers of certified health IT, health information exchanges (HIEs), or health information networks (HINs). The rule applies if the entity is aware or should be aware that its practices are likely to hinder access, exchange, or utilization of EHI.
Given the anticipated influx of information-blocking complaints, the OIG expects that it will not be able to investigate all cases. Consequently, the OIG will prioritize investigations based on the following criteria:
1. Cases resulting in patient harm, currently causing harm, or with the potential to cause harm.
2. Cases significantly impact a provider’s ability to deliver patient care.
3. Cases involving long-duration information blocking.
4. Cases causing financial losses to federal healthcare programs, government entities, or private organizations.
5. Cases where the information blocking practices were performed knowingly.
